A recent Frost & Sullivan study of Asia-Pacific organizations reported key security concerns from undetected security breaches to online brand impersonation. The industry analyst firm reported one in four organizations in Asia-Pacific have experienced a cybersecurity incident, and 27 percent of organizations admitted they could not determine if their data was breached because they don't conduct data breach assessments.

We're pleased to offer the fifth installation of our quarterly partner/industry blog series. We recently shared a booth with BehavioSec at RSA 2018 and spoke with Olov Renberg, BehavioSec's Co-Founder and COO about the growing use of behavioral biometrics, aka behaviometrics, and the changing IAM landscape

A U.S. Senate Intelligence Committee report released earlier this week confirms there was some meddling in the 2016 election cycle by Russian-linked operatives. While the publicly released report summary, entitled "Russian Targeting of Election Infrastructure During the 2016 Election," shows voting systems in as many as 21 states were targeted, the impact was largely negligible.

Carolina Martinez, a longtime executive at Versasec partner Gemalto, is joining our team as Director of U.S. Operations and we couldn't be happier. As part of our team, Carolina is responsible for one of our most important markets and her work includes establishing new customer relationships, overseeing customer interactions and ensuring customer satisfaction across the Americas.

The RSA Conference 2018 this week in San Francisco was our launching pad for vSEC:CMS S-Series Version 5.1. This latest upgrade to our identity and access management (IAM) solution has a strong focus on Virtual Smart Cards, TPM management, and Remote Security Device Management (RSDM) functionality, making it increasingly relevant in the Internet of Things (IOT) space.

Just in Time (JIT) Virtual Smart Cards are becoming increasingly in demand as organizations take advantage of the Trusted Platform Module (TPM), which provides access control for secure authentication. Virtual Smart Cards emulate physical smart cards and their capabilities but do not need any of the physical hardware, including physical card readers and smart cards, to effectively manage and authenticate user identities.

Versasec partner certgate is one of the leading IT security providers in the mobile communications industry. The companies are working together to protect organizations' mobile and computer devices against hackers, data leakage and especially unauthorized access. Any Bluetooth-enabled device, including desktops, laptops, etc., is easily read by cergate's combination card reader and visual badge holder, AirID.

We recently conducted our third annual global IT security survey and learned that for more than half of the respondents, the European Union's GDPR which goes into effect in May 2018, is weighing heavily into their current security strategy decisions. When we looked at EMEA-based companies alone, that number climbed to nearly 70%. But as most of know, virtually every other region in the world will feel the impact of the GDPR, and the survey revealed that among those were nearly one in three North American companies and more than half of the Asia/Pacific respondents said GDPR will impact them.

Recently, ECN published an opinion piece on why smartphones can do double duty to secure data and a user's identity. Certainly, the smartphone is a good tool for authentication, but relying on One-Time Passwords (OTPs) is not an ideal two-factor authentication method, because OTP authentication makes use of rather short computer-generated passwords. These passwords are often provided to the user with none or very weak authentication.

We've written about the dangers of One-Time Passwords (OTP) for use in two-factor authentication and applauded the National Institute of Standards and Technology's (NIST) stance on eliminating SMS-based OTPs. It seems we're not alone. FireEye recently blogged about the dangers of OTPs in phishing campaigns and how hackers are using real-time phishing in attacks on corporate websites.

From a well-meaning colleague who lends her password to a co-worker in need, to the guy who uses the same password at home and work because it's easy, to the employee who visited a rogue site and is now being blackmailed -- it's often a company's most trusted employees who can be putting the corporate data at risk.

While you might not see a fully autonomous car coming out of Sweden yet, it's clear Sweden is leading the world in security, according to a ComputerSweden article. The article about the strongest technology trends in Sweden states the security market, according to analyst firm Redeye, is expected to grow by 7.8 percent per year through 2020. The report mentions a strong Versasec partner, Yubico, as a strong supplier side security company.

Our development team spent a lot of time last year focused on the client side of our identity and access management solution, with a heavy emphasis on user self-service. In fact, those improvements and enhancements figure prominently in vSEC:CMS 5.0, which was released last week.

Lots of computer users still don't realize how or even that their personal information is gathered, shared and used. But, as with the law, ignorance isn't an excuse, and companies that don't make every effort to secure and protect their data can find themselves in legal and financial troubles, and with potentially fatal damage to their brand.

It's a new year and corporations - and their shareholders -- are hoping for fewer corporate data breaches. They want to forget about 2017, which saw record breaches, many preventable. In this blog, we identify four security lessons learned from 2017's high-profile security breaches every IT manager should consider, to prevent similar breaches in 2018:

Like every industry, it's an imperative for government agencies to safeguard their data, and many agencies are extending their security requirements right down the line to their suppliers and contractors.

Two-factor authentication (2FA) is one of the most powerful and well-established techniques for strengthening user credentials. The U.S. government requires all its employees, contractors and vendors use 2FA. And businesses of all types should follow suit.

It was inevitable: the scammers are now going after companies in Europe and elsewhere that are preparing for the European Union's cybersecurity General Data Protection Regulation (GDPR), also known as EU 2016/679. The GDPR privacy rules go into full effect in May 2018.

In early December in France it was reported that companies preparing for the GDPR, which is known as the RGPD in France, were being targeted with some less-than-sophisticated phishing-type schemes. According to what was reported, the scheme involved alarm-inducing urgent phone calls and faxed messages to companies, purportedly from the Commission nationale de l'informatique et des libertés (CNIL).

Among the report highlights, Market Research Future noted that new identity and access technologies are driving sales and market growth. Advanced authentication adds an additional layer of security to standard username and password authentication method. Identity and access management companies recognize that hackers are stealing identity badges and numeric PINs. In response, they have developed different authentication techniques such as one-time passwords (OTPs), biometrics and virtual smart cards.

Search

Get in touch

Ready to discuss the advantages and benefits of Versasec solutions for your company? Our experts will work with you to determine your specific identity and access management requirements, outline best practices and guidelines for your IT environment based on real-life scenarios, and provide you with a detailed and personalized plan and quote.